Mapping Linux extended attribute namespaces

Hi everybody

Our extended attribute API is derived from FreeBSD. It uses an int as
the namespace. Two namespaces are defined, system and user. For UFS1,
we store system attributes in /.attribute/system and user attributes in
/.attribute/user. Other namespaces are not honoured.

The Linux extended attribute API uses a dot-delimited string prefix in the
attribute name as the namespace (e.g.: system.foo or user.bar). That
scheme lets developers easily introduce any new namespace. A few namespaces
are widely used and enjoy special treatment for access control: system,
trusted, security and user. See Linux attr(5) for the details of
access control for the four defined Linux namespaces:
http://linux.die.net/man/5/attr

We have a Linux API available from <sys/xattr.h>. It stores Linux system,
trusted and security namespaces as native system namespace, and anything
else as native user namespace. It is available in latest HEAD and netbsd-5.

If one day we want to emulate the access control semantics of Linux
trusted and security namespaces, we need to introduce native namespaces
for them, otherwise we cannot tell the difference between them and
system namespace. Since our extended attributes have never been usable
in a NetBSD release, I suggest doing it right now, as it will not
cause backward incompatibility. Doing it after a release where trusted
and security are mapped as system would need administrator intervention
to fix things.

Opinions?
--
Emmanuel Dreyfus
manu%netbsd.org@localhost
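
The mapping discussed in the message above, as an added example that is not part of the original post and is not NetBSD's code: it classifies Linux-style attribute names under the current scheme (system, trusted and security collapse into system) and under the proposed one. The enum values, the function names and the sample attribute names are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical native namespace ids for this example (not NetBSD header values). */
enum native_ns { NS_USER = 1, NS_SYSTEM, NS_TRUSTED, NS_SECURITY };

/* True if name starts with "<prefix>." so that "systemd.x" does not match "system". */
static int has_ns(const char *name, const char *prefix)
{
    size_t n = strlen(prefix);
    return strncmp(name, prefix, n) == 0 && name[n] == '.';
}

/* Mapping described in the post: three Linux namespaces share native system. */
enum native_ns map_current(const char *name)
{
    if (has_ns(name, "system") || has_ns(name, "trusted") ||
        has_ns(name, "security"))
        return NS_SYSTEM;
    return NS_USER;   /* anything else, including names with no prefix */
}

/* Mapping the post proposes: one native namespace per access-controlled
 * Linux namespace, so the original namespace can be recovered later. */
enum native_ns map_proposed(const char *name)
{
    if (has_ns(name, "system"))   return NS_SYSTEM;
    if (has_ns(name, "trusted"))  return NS_TRUSTED;
    if (has_ns(name, "security")) return NS_SECURITY;
    return NS_USER;
}

int main(void)
{
    /* Constructed sample attribute names. */
    const char *names[] = { "system.foo", "trusted.foo", "security.foo",
                            "user.bar", "systemd.unit", "noprefix" };
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-13s current=%d proposed=%d\n", names[i],
               map_current(names[i]), map_proposed(names[i]));
    return 0;
}
```

Under the current mapping, trusted.foo and security.foo come back with the same native namespace as system.foo, which is why a later access-control check could not tell them apart.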